From 83b9c4efd7a5466b444e45b20de76c577ef06a93 Mon Sep 17 00:00:00 2001
From: maxmcd
Date: Wed, 6 Jun 2018 12:42:07 -0400
Subject: [PATCH] Add --disable-ssl option to simple-server.py
---
 webrtc/signalling/Dockerfile | 7 +-----
 webrtc/signalling/simple-server.py | 39 ++++++++++++++++--------------
 2 files changed, 22 insertions(+), 24 deletions(-)
diff --git a/webrtc/signalling/Dockerfile b/webrtc/signalling/Dockerfile
index 5e5584d5f6..5902f68ae8 100644
--- a/webrtc/signalling/Dockerfile
+++ b/webrtc/signalling/Dockerfile
@@ -5,9 +5,4 @@ RUN pip3 install --user websockets
 WORKDIR /opt/
 COPY . /opt/
-RUN sed -i 's/sslctx.load_cert_chain(chain_pem, keyfile=key_pem)/pass/g' \
- ./simple-server.py
-RUN sed -i 's/ssl=sslctx,//g' \
- ./simple-server.py
-
-CMD python -u ./simple-server.py
+CMD python -u ./simple-server.py --disable-ssl
diff --git a/webrtc/signalling/simple-server.py b/webrtc/signalling/simple-server.py
index 9714213c47..df83c768fd 100755
--- a/webrtc/signalling/simple-server.py
+++ b/webrtc/signalling/simple-server.py
@@ -22,6 +22,7 @@ parser.add_argument('--addr', default='0.0.0.0', help='Address to listen on')
 parser.add_argument('--port', default=8443, type=int, help='Port to listen on')
 parser.add_argument('--keepalive-timeout', dest='keepalive_timeout', default=30, type=int, help='Timeout for keepalive (in seconds)')
 parser.add_argument('--cert-path', default=os.path.dirname(__file__))
+parser.add_argument('--disable-ssl', default=False, help='Disable ssl', action='store_true')
 options = parser.parse_args(sys.argv[1:])
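Review bot: The new `CMD` line starts the server with `--disable-ssl` unconditionally, and nothing in the Dockerfile records that signalling traffic is then unencrypted unless something in front of the container terminates TLS. A comment directly above `CMD`, for example `# TLS is off in this image; run it behind a TLS-terminating proxy`, would make that deployment assumption visible to whoever reuses the image. As a style point, the exec form `CMD ["python", "-u", "./simple-server.py", "--disable-ssl"]` avoids the intermediate shell, so the server receives stop signals directly.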
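Review bot: The help text `'Disable ssl'` on the added `--disable-ssl` argument does not say what the operator gets instead. Wording such as `help='Serve plain ws:// without TLS (local testing, or behind a TLS-terminating proxy)'` states the consequence of the flag. `default=False` is redundant with `action='store_true'` and can be dropped. The argument list begins above this hunk.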
@@ -239,25 +240,27 @@ async def handler(ws, path):
 finally:
 await remove_peer(peer_id)
-# Create an SSL context to be used by the websocket server
-certpath = options.cert_path
-print('Using TLS with keys in {!r}'.format(certpath))
-if 'letsencrypt' in certpath:
- chain_pem = os.path.join(certpath, 'fullchain.pem')
- key_pem = os.path.join(certpath, 'privkey.pem')
-else:
- chain_pem = os.path.join(certpath, 'cert.pem')
- key_pem = os.path.join(certpath, 'key.pem')
+sslctx = None
+if not options.disable_ssl:
+ # Create an SSL context to be used by the websocket server
+ certpath = options.cert_path
+ print('Using TLS with keys in {!r}'.format(certpath))
+ if 'letsencrypt' in certpath:
+ chain_pem = os.path.join(certpath, 'fullchain.pem')
+ key_pem = os.path.join(certpath, 'privkey.pem')
+ else:
+ chain_pem = os.path.join(certpath, 'cert.pem')
+ key_pem = os.path.join(certpath, 'key.pem')
-sslctx = ssl.create_default_context()
-try:
- sslctx.load_cert_chain(chain_pem, keyfile=key_pem)
-except FileNotFoundError:
- print("Certificates not found, did you run generate_cert.sh?")
- sys.exit(1)
-# FIXME
-sslctx.check_hostname = False
-sslctx.verify_mode = ssl.CERT_NONE
+ sslctx = ssl.create_default_context()
+ try:
+ sslctx.load_cert_chain(chain_pem, keyfile=key_pem)
+ except FileNotFoundError:
+ print("Certificates not found, did you run generate_cert.sh?")
+ sys.exit(1)
+ # FIXME
+ sslctx.check_hostname = False
+ sslctx.verify_mode = ssl.CERT_NONE
 print("Listening on https://{}:{}".format(*ADDR_PORT)) # Websocket server
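Review bot: The banner on the context line `print("Listening on https://{}:{}".format(*ADDR_PORT))` still announces https when `--disable-ssl` leaves `sslctx` as `None`, so the log gives an operator no sign that the server is accepting plaintext connections. Deriving the scheme from the option fixes that: `print("Listening on {}://{}:{}".format('http' if options.disable_ssl else 'https', *ADDR_PORT))`. Separately, the re-indented `ssl.create_default_context()` uses the default client-side purpose, which is presumably why the `# FIXME` lines have to turn off `check_hostname` and `verify_mode`; `ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)` is the server-side form and would make those two lines unnecessary. This module-level run continues past the hunk, so the call that hands `sslctx` to the websocket server is not visible here.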